EET Europarts complies with the legislation when handling personal data and we make sure to have the highest possible safety procedures in order to respond to threats and attacks. We protect the customers’ data to earn the customers’ trust – whether handling personal data or other information.

Below you can read about how EET Europarts take on the responsibility of protecting customer data and how the customers can exercise their rights.

Background

EET Europarts handles the customers’ personal data, defined by any information about a physical identified or identifiable person. Every customer might have one or more physical persons affiliated. The data encompasses the customer’s company name, company address, email address, telephone number, customer number, order number, IP address, cookie number, information regarding the physical persons affiliated with the customer, use of our website, etc.

EET Europarts has professional companies as customers and EET Europarts’ handling of data is therefore primarily of legal persons. EET Europarts do, however, handle data regarding physical persons, in case there are any affiliated to the legal persons. The term “customer” in this policy therefore also covers the physical persons who own the companies or are employed in the companies, that EET Europarts has as customers. Finally, the term also covers visitors of EET Europarts’ website who are not logged in, and where EET Europarts, as a result, cannot determine whether it is a customer, a potential customer or another stakeholder.

If you have any questions regarding the handling of your data (including personal data), please send an email to info@eeteuroparts.at

Principles

EET Europarts handles personal data in accordance with the principles in the General Data Protection Regulation (GDPR) and the Data Protection Legislation.

EET Europarts handles personal data lawfully, fairly and transparently. For every handling, a purpose is established. We do not handle more data than necessary to fulfil the purpose. We do what we can to ensure that the information is correct. We do not store the data for a longer time than necessary. We protect data, systems and processes with contemporary safety technologies. We can document our actions.

Purpose

EET Europarts has established a list of concrete purposes for the handling of data, for the individual IT systems and the personal data registered herein. Generally, EET Europarts handles the customers’ personal data with the following purposes:

·Registration of potential customers

·Creation and approval of customers

·Servicing of customers to be able to deliver a service or accomplish a sale

·Personalized services, including development and promotion of products and services

·Registration of customers with regards to comply with the legislation.

Declaration of Consent

In several cases, EET Europarts will ask the physical customers for permission to handle their personal data, before the handling takes place. To ask for permission is also called requesting a declaration of consent. You can, at any time, withdraw your consent, and EET Europarts will then terminate the handling of data.

Rights

EET Europarts’ customers have a list of rights regarding the handling of their personal data according to the GDPR. These rights mean, i.a., that the customers can be informed of what type of personal data EET Europarts possesses and in some cases have them deleted.

The customers can apply for access. This means that the customers can ask EET Europarts what personal data EET Europarts handles and with what purposes, etc.

The customers can request to have personal data amended, which they do not find correct. The customers’ administrators can amend the rights granted to the customers’ employees themselves.

The customers can request to have personal data deleted, which they find that EET Europarts should or may not have registered.

The customers can request that the handling of personal data is limited. This means that the data is not deleted, but it is specified that they may not be handled and the access to them is restricted.

The customers can take exception to a specific handling taken place. This means that the data may potentially still be applied for other legal purposes. The objection may have a temporary character in relation to a concrete purpose and i.a. be defined by the employee’s immediate situation.

The customers have, under certain limited circumstances, the opportunity to request their own personal data handed over.

The customers have the right not to be profiled, unless it is crucial to be able to create a contract. EET Europarts finds it crucial that a profiling has been made to be able to make an assessment of creditworthiness, when a contract with credit is requested.

On the contrary, it is not crucial for the contract to profile the customers’ use of the website, which is why a profiling is only made with a consent in this case. See the section “Declaration of consent”.

EET Europarts will always meet a request for access. EET Europarts will always consider the fairness of the execution of the additional rights and perform a specific evaluation of whether a submitted access request should be met. The customers may always file a complaint against a decision made by EET Europarts. See the section “Complaints”.

Safety

EET Europarts has incorporated any suitable technical and organizational precautions, in order to protect personal data against unintended loss and any illegal handling. This means, that EET Europarts explores every system and data, and take the threats that might appear into consideration. The safety encompasses both organizational initiatives such as policies and procedures, and a list of technical initiatives.

To protect our infrastructure we will not go into details with what specific initiatives EET Europarts have instituted. However, we can mention that the initiatives include policies, procedures, organisation, employee safety, administration of suppliers, development, assets, admissions and operation settlement, management of threats and safety matters, compliance to legislation, etc.

If you, as a customer, have a specific question regarding our safety procedures, you are always welcome to contact us. See our contact information above.

Violation of the Personal Data Privacy

If a violation of personal data privacy, which involves EET Europart’s customers, occur, and the violation in question is estimated to constitute a high risk for the customers, EET Europarts will inform the Data Protection Agency as soon as possible and will together with the agency consider to which extent a wide communication should take place.

Data receivers and transmission

EET Europarts handles most personal data in private data centres. However, EET Europarts deploys certain in-house systems that handle data via Cloud-based systems. For every system, the handling of personal data has been outlined, hereunder if any assignment or transfer takes place, and if so, to which recipients.

Span of treatment

EET Europarts has, as far as possible, determined a span of treatment for the handling of activities in the specific systems. Generally, EET Europarts only store personal data for as long as it is necessary in regards to the purpose of the personal data handling.

Changes to EET Europarts’ privacy notice

EET Europarts can, at any given time and without notice, change this privacy notice with immediate effect. A notice will appear when logging into our website, or directly via email if any major changes take place. EET Europarts’ new privacy notice will be applicable going forward.

Complaints

The customers can complain about EET Europarts’s decisions here: info@eeteuroparts.at

The customers may also, at any given time, submit a question or complaint against EET Europarts’ handling of customers’ data to the Data Protection Agency. The customers may also, at any time, bring a personal data handling case to the court of law.